Dan Phiffer is an Internet enthusiast based in Troy, NY

Until yesterday I hadn’t thought too much about DNS metadata leakage. Here’s how it works: your computer sends a request to resolve a hostname, let’s say “topsecretwebsite.example,” to a DNS server, and the server sends back the IP address. Both the question and the answer cross the network in cleartext, so anyone on the path (your ISP, whoever runs the coffee shop wifi, anyone with a tap on the line) can log which hostnames you look up, even when everything you then do on those sites is over HTTPS. It’s wild that the Internet works like this by default.

What happened yesterday is a company called CloudFlare (a popular content delivery network with a free tier) announced a new public DNS resolver at the IP address 1.1.1.1. (Yes it launched on April 1, no it’s not a joke.) The service supports two privacy-protecting transports: DNS-over-HTTPS (on port 443) and DNS-over-TLS (on port 853). Those technologies don’t guarantee your DNS answers are authentic (check out DNSSEC for that), and they don’t protect you from the resolver operator itself, which still sees every query and could someday betray you; they just make it harder for anyone between you and the resolver to collect metadata by listening in on DNS’s cleartext port 53.

3. Download the CA certificate

In order to verify the identity of the DNS server, you’ll need to configure TLS_FORWARD with either a SHA-256 pin of the server’s public key (the pin_sha256 option) or the server’s hostname plus the CA certificate that signs it (the hostname and ca_file options). We are using the latter method, since it’s more readable and less prone to breaking: a pin has to be updated every time the server’s key rotates, while hostname-plus-CA only breaks if the server switches to a different certificate authority.

First, inspect the TLS certificate presented by https://1.1.1.1/. Some internet connections won’t load that website; I’ve actually found https://1.0.0.1/ to be more reliable. The way you can find the certificate is by clicking on the green lock icon next to the URL. Then navigate to the details and export the Certificate Authority (CA) certificate, meaning the issuer one level up the chain, not the site’s own certificate.

How to export the CA certificate file.

Finally, move the .crt file you exported into /usr/local/etc/kresd to match the path configured above. kresd expects the CA file in PEM format (a text file beginning with “-----BEGIN CERTIFICATE-----”); if your browser exported binary DER instead, convert it first with openssl x509 -inform der -in exported.crt -out exported.pem.

4. Restart kresd

Restart the service for your change to take effect.

sudo brew services restart knot-resolver

5. Test the “before”

Now you want to configure your system to use the local DNS service. First, see how it responds before we add our own DNS server into the mix.

kdig plannedparenthood.com

You should see some results resolving plannedparenthood.com to its IP address 104.18.62.117, with this detail at the bottom about where the results came from (yours will be different).

;; From 10.67.104.1@53(UDP) in 753.2 ms

Basically my computer just asked, in cleartext over UDP port 53, “hey 10.67.104.1 do you know where I can find PLANNEDPARENTHOOD.COM?” and 10.67.104.1 (the resolver my network assigned me) answered in cleartext too. This happens each time you load a website whose address isn’t already cached.

6. Configure macOS

7. Test the “after”

Try kdig plannedparenthood.com again. Now you should see your local address at the bottom.

;; From 127.0.0.1@53(UDP) in 1648.7 ms

You’ll get the same IP address result. The line above only shows the hop from kdig to kresd on 127.0.0.1, which is still plain UDP but never leaves your machine; the hop that used to be visible to the network, kresd talking to 1.1.1.1, now happens over TLS on port 853. If you want to see that for yourself, watch your network interface while resolving something: sudo tcpdump -n -i en0 port 53 should stay quiet and port 853 should light up (en0 is the Wi-Fi interface on most Macs). Hooray!
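The following is an added example, not code from the original post, that ties steps 3 through 7 together in a small POSIX shell script: it generates the kresd policy that the post’s config file is assumed to contain, fetches the certificate chain from the DNS-over-TLS endpoint itself on port 853 (rather than from the HTTPS site the browser method inspects), computes the public-key pin that is the alternative to the CA-file method, and classifies kdig’s “;; From” trailer so you can tell the “before” from the “after”. The CA file name cloudflare-ca.pem, the config location /usr/local/etc/kresd/config and the en0 interface are my assumptions; cloudflare-dns.com is the hostname the 1.1.1.1 service presents in its certificate.

```shell
#!/bin/sh
# Added example, not code from the original post: ties steps 3 to 7 together.
# It writes the kresd TLS_FORWARD policy the post relies on, pulls the chain
# the DoT endpoint really serves on port 853, computes the public-key pin that
# is the alternative to hostname+ca_file, and checks kdig's ';; From' trailer.
#
# Assumptions not stated in the post: Homebrew's kresd reads
# /usr/local/etc/kresd/config, the exported CA file is saved as
# cloudflare-ca.pem in that directory, and the Wi-Fi interface is en0.
# cloudflare-dns.com is the hostname the 1.1.1.1 service authenticates as.

KRESD_DIR="/usr/local/etc/kresd"
CA_FILE="$KRESD_DIR/cloudflare-ca.pem"
TLS_HOST="cloudflare-dns.com"

# kresd config: listen on loopback only, forward every query over TLS to both
# Cloudflare addresses, and verify the server against hostname + CA file.
# Arguments: hostname, CA file path.
kresd_config() {
  cat <<EOF
-- kresd config (added example, not the original post's file)
net.listen('127.0.0.1', 53)
policy.add(policy.all(policy.TLS_FORWARD({
  {'1.1.1.1', hostname='$1', ca_file='$2'},
  {'1.0.0.1', hostname='$1', ca_file='$2'},
})))
EOF
}

# Print the PEM chain presented by the DoT endpoint itself (port 853, SNI set),
# rather than by the HTTPS site on 443 that the browser method inspects.
fetch_dot_chain() {
  openssl s_client -showcerts -connect "$1:853" -servername "$TLS_HOST" \
    </dev/null 2>/dev/null \
    | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p'
}

# SPKI pin in the form kresd's pin_sha256 expects: base64(SHA-256(DER SPKI))
# of the first certificate in the file (the leaf). Rotating the key breaks it.
spki_pin() {
  openssl x509 -in "$1" -pubkey -noout \
    | openssl pkey -pubin -outform der \
    | openssl dgst -sha256 -binary \
    | openssl base64
}

# Ask the upstream directly over DoT with kdig, validating with the same CA
# file and hostname kresd will use. A failure here means the CA file is wrong.
probe_dot() {
  kdig @"$1" +tls +tls-ca="$CA_FILE" +tls-hostname="$TLS_HOST" "$2"
}

# Parse the ';; From <addr>@<port>(<proto>) ...' trailer kdig prints and
# succeed only if the answer came from the local resolver on 127.0.0.1.
answered_locally() {
  src=$(printf '%s\n' "$1" | sed -n 's/^;; From \([^@]*\)@.*/\1/p')
  [ "$src" = "127.0.0.1" ]
}

case "${1:-}" in
  fetch-ca)   # save the real DoT chain and print the pin_sha256 alternative
    fetch_dot_chain 1.1.1.1 > dot-chain.pem
    echo "pin_sha256 for 1.1.1.1: $(spki_pin dot-chain.pem)" ;;
  probe)      # e.g. sh dot-setup.sh probe plannedparenthood.com
    probe_dot 1.1.1.1 "${2:-plannedparenthood.com}" ;;
  *)          # offline: print the config and classify the post's two trailers
    kresd_config "$TLS_HOST" "$CA_FILE"
    for line in ';; From 10.67.104.1@53(UDP) in 753.2 ms' \
                ';; From 127.0.0.1@53(UDP) in 1648.7 ms'; do   # constructed samples
      if answered_locally "$line"; then echo "local resolver: $line"
      else echo "left the machine in cleartext: $line"; fi
    done ;;
esac
```

Run it with no arguments to print the generated policy (redirect it into /usr/local/etc/kresd/config, then sudo brew services restart knot-resolver as in step 4); with fetch-ca to save the real port-853 chain and see the pin you would use instead of the CA file; with probe to confirm that kdig itself can validate 1.1.1.1 against your CA file before you blame kresd. For step 6, networksetup -setdnsservers Wi-Fi 127.0.0.1 points the system resolver at kresd from the shell (assuming your network service is named Wi-Fi; networksetup -listallnetworkservices shows the names), and sudo tcpdump -n -i en0 port 53 staying silent while port 853 carries traffic is the proof that queries no longer leave the machine in cleartext.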

What else?

If that doesn’t work for you, you may want to check out the log file /usr/local/var/log/kresd.log for errors.

Also consider using other privacy-protecting DNS services beyond 1.1.1.1. I applaud CloudFlare for drawing attention to how we can improve our network privacy, but if we all use the same service it creates a single point of failure (and a single place where everyone’s queries can be watched). Alternatively you could go with 9.9.9.9, or pdns.greenhost.net, or dns.cmrg.net (dkg’s own service), or something else.

You should also know there are situations where you need to use a specific DNS server. For example, if you are on a corporate network it might rely on hostnames that aren’t hosted anywhere but on the internal DNS servers, and a forwarding resolver on your laptop will never see them. So realize that adjusting your DNS settings means things may break later. Try to remember this when you end up with mysterious network issues down the road!

I am awash in thoughts and feelings this week. Donald J. Trump will very likely be our next President. This fact has already emboldened hate groups, leaving us to contemplate what the next four years could mean—especially for friends who will likely become targets of bigotry.

Should we go outside and protest? Should we turn inward and lean on our support networks? Do we start thinking about the 2018 midterms? Yes. Yes to all of it. If you need time away from this divisive election, you’ll be welcome to join us when you’re ready. I completely understand, especially if you worked on a 2016 political campaign.

For my part, I am regrouping, considering how I can do more, do better. Some friends have asked me about strategies for resisting surveillance. Digital privacy will become even more important in the coming years, and we should all collectively get better at protecting ourselves.

Keep in mind that surveillance is for controlling your behavior. If you’ve ever said “but I have nothing to hide,” now is a good time to consider whether you intend to keep it that way. If you do choose to toe that line—maybe you want to wait and see if a President Trump keeps to his campaign promises—take a moment to consider how pervasive surveillance and the threat of anticipated consequences may be blinding you from a civic responsibility to resist.

I’d like to write more about this in the coming weeks, but for starters here are some links that might be helpful. Stay safe out there.

The premise driving the people writing encryption software is not exactly that we’re giving people new rights or taking some away: it’s the hope that we can enforce existing rights using algorithms that guarantee your ability to free speech, to a reasonable expectation of privacy in your daily life. When you make a credit card payment or log into Facebook, you’re using the same fundamental encryption that, in another continent, an activist could be using to organize a protest against a failed regime.

In a way, we’re implementing a fundamental technological advancement not dissimilar from the invention of cars or airplanes. Ford and Toyota build automobiles so that the entire world can have access to faster transportation and a better quality of life. If a terrorist is suspected of using a Toyota as a car bomb, it’s not reasonable to expect Toyota to start screening who it sells cars to, or to stop selling cars altogether.

The prognosis for publishers is grim. Repent! Find a way out of the adtech racket before it collapses around you. Ditch your tracking, show dumb ads that you sell directly (not through a thicket of intermediaries), and beg your readers for mercy. Respect their privacy, bandwidth, and intelligence, flatter their vanity, and maybe they’ll subscribe to something.

One way I could see publishers phasing in this more-respectful business model is through existing web browsers’ do-not-track differentiation. Every modern browser has privacy settings that let an individual user opt out of online tracking. That do-not-track preference gets included with each and every web request, but it’s up to the website operator to act on it. As far as I can tell, all adtech companies seem to ignore this preference completely.

Firefox privacy preferences

Okay, so are you ready for my idea for how publishers can escape the adtech bubble? Stay with me here, because this is a crazy suggestion: if I’ve signaled through my preferences that I prefer not to be tracked, then … I dunno, maybe don’t track me.

A typical ad-driven website relies on dozens of companies to show me slow loading, poorly-customized advertising. But there’s nothing stopping the website itself from simply not letting those companies’ code onto the page.

I would say just switch to dumb (non-tracking) ads for everyone, but I know how this would play out: “it’s too extreme, we can’t afford it!” But here’s the thing, if you think this adtech spaghetti business is going to collapse, you’ll have to start switching traffic over to something else eventually. Why not start out with current and future subscribers (aka “users”) who’ve already indicated they prefer not to be tracked by the adtech industry? Just do what we’ve been asking for in the first place.

Here’s how: if a given visitor has checked the do-not-track box, you’ll be able to detect it. Adjust your ad libraries and CDNs to detect the DNT: 1 HTTP header and then show a small message congratulating yourself, and set aside those ad spots for “artisanal” ads. Once things are rolling along you can ditch the old bloated, crappy ads for everybody else.

You can already tell what proportion of visitors have do-not-track enabled; it’s there in the traffic stats if you look for it. You could pitch this to the higher-ups with real numbers, and spin it as a Premium Advertising Experience, like organic fair-trade traffic without all the bandwidth bloat and creepy surveillance.

The big challenge, of course, is this type of effort involves cooperation between many departments that may not currently get along well. But getting the ad sales people and the ad tech people and the web developers to get along is important.

Nobody likes working on ads, and I know it’s hard to just get buy-in, let alone actually launch a new thing. But an adtech collapse might be an existential threat, better to get in front of this now rather than wait for it to happen.

Update: since this was written, the letsencrypt-auto script has improved significantly. When I tried it again today (December 8, 2015), the process was basically just cloning the GitHub repo and running ./letsencrypt-auto. I’ll leave the original (outdated) information here for posterity.

As of today phiffer.org is being served using SSL encryption thanks to a free certificate from Let’s Encrypt. It’s a recently launched service, sponsored by Mozilla and the Electronic Frontier Foundation (among others), intended to make HTTPS encryption ubiquitous on the web.

Let’s Encrypt is very new, and there are still some rough edges, but overall I’m impressed by how smoothly the process went. I wanted to document my experience, in case it’s helpful to others (and future-me). This post is a bit more technical than usual and, because the service is new, much of it may not be relevant very long into the future. That said, I hope this might offer some clues for folks trying to get up and running on HTTPS.

Does your lifestyle prevent you from qualifying for insurance discounts?
Do you lack sufficient time for exercise or have limited access to sports facilities?
Maybe you just want to keep your personal data private without having to pay higher insurance premiums for the privilege?

Unfit Bits provides solutions. At Unfit Bits, we are investigating DIY fitness spoofing techniques to allow you to create walking datasets without actually having to share your personal data. These techniques help produce personal data to qualify you for insurance rewards even if you can’t afford a high exercise lifestyle.

Facebook recently filed a rather unsettling patent application describing (among other things) a hypothetical social-graph-based credit scoring system. What level of freaked out would be an appropriate response?

Facebook makes its money by encouraging people to have large friend networks and create lots of content for it to show ads against. And given that that’s the primary profit driver for Facebook, as a practical matter, it would really surprise me if they decided to get into the credit-scoring business, just because I think that’s going to make people feel panicked and uncomfortable. If I were them, I would not be in a giant rush to do that.

This makes me wonder if a lot of people suddenly started blocking ads, would companies like Facebook move quickly to adopt more dystopian business models? Or would they be more likely to start embracing those business models much earlier—quietly, secretly, mischievously—in anticipation?

Ad fraud works because the market for ads is so highly automated. Like algorithmic trading, decisions happen in fractions of a second, and matchmaking between publishers and advertisers is outside human control. It’s a confusing world of demand side platforms, supply-side platforms, retargeting, pre-targeting, behavioral modeling, real-time bidding, ad exchanges, ad agency trading desks and a thousand other bits of jargon.

The winners in this game are the ones running the casino: big advertising networks, surveillance companies, and the whole brand-new industry known as “adtech”.

The losers are small publishers and small advertisers. Universal click fraud drives down the value of all advertising, making it harder for niche publishers to make ends meet.

It is starting to feel like Fall here in New York, and I am up to some new things since the last time I wrote here in January (!). By the way, those New Years resolutions? They are going terribly! So it goes.

The big news, if you hadn’t heard, is that I’ve left my job at the New Yorker magazine. I am still very proud of how the redesign turned out, and I learned a ton from my many amazing colleagues there, but after two years it just felt like time for me to move on. So I am back to freelancing, and feeling excited to work on some new things. And yes, I am looking for new clients, you should hire me!

In addition to freelancing, I’ve also started a fellowship at Columbia’s Tow Center for Digital Journalism. I’m working with an awesome group of collaborators using telephony and wifi darknets as tools for gathering stories. I’ll be posting more about that here in the coming weeks.

Also, if you look around, you may notice I’ve updated my WordPress theme a bit. The underlying structure is very similar to what I had before, but I focused on a few key improvements:

The page layout is now responsive, so it works better on very small and very large screens.

So long green and red, hello pink! I’ve also made it easy to change the color scheme in the future through the magic of Sass variables.

Comments are gone! At least for now, maybe I’ll change my mind about that. I do love getting feedback about stuff I post on here, so drop me a line if you might have otherwise left a comment.

Of all the changes in this website update, the one I feel best about is cutting out the third-party tracking. I’ve noticed that YouTube embeds serve up a DoubleClick advertising tracker, just by loading a page with a video, which isn’t cool. Now video embeds only load on demand, after you’ve hit the play button (mobile visitors may need to tap two times). Naturally, you’ll still be tracked by Google if you play an embedded YouTube video, but otherwise the page shouldn’t leak data to any off-site parties.

Third-party trackers, before and after. Mint is the one thing I kept around, but it’s hosted on my own server.

The bottom line is I am in control of what goes up on phiffer.org, which includes things like hidden advertising trackers. Now there is slightly less ambient surveillance around here. Plus the pages should load marginally faster!

Two years ago, Mark Zuckerberg told startup publicist Mike Arrington that “people have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.”

Facebook has evolved over time too. No longer privately held, it is itself a public company, with a public CEO. We think it’s time he evolves along with his company. In short, it’s time for Mark to go public too.

Here’s the deal: We’re going to pay for photos and videos of Mark Zuckerberg taken between now and Labor Day. Snap a photo or shoot some video of Mark. At a bar, after a conference, on the street. Totally great. We want pictures of him that he isn’t expecting to have made. If we run it, we’ll send you a cool $20.

I’m going to go out on a limb and say $20 is low compared to standard paparazzi rates. This reminds me a little of Rob Cockerham’s paparazzi contest, which was great fun to participate in.

Apparently he revealed his new voice during an Oprah taping. His wife Chaz is hearing it for the first time in this video clip. It’s heartwarming and the guy is obviously very brave for going this route, but it also feels to me like an intrusion on their private moment.